Vulnerabilities > Bdtask

DATE CVE VULNERABILITY TITLE RISK
2022-05-20 CVE-2022-28991 Forced Browsing vulnerability in Bdtask Multi Store Inventory Management System 1.0
Multi Store Inventory Management System v1.0 was discovered to contain an information disclosure vulnerability which allows attackers to access sensitive files.
network
low complexity
bdtask CWE-425
7.5
2022-05-20 CVE-2022-28993 Missing Authorization vulnerability in Bdtask Multi Store Inventory Management System 1.0
Multi Store Inventory Management System v1.0 allows attackers to perform an account takeover via a crafted POST request.
network
low complexity
bdtask CWE-862
critical
9.8
2021-01-27 CVE-2020-36012 Cross-site Scripting vulnerability in Bdtask Multi-Store 1.0.0
Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0 allows a local admin to inject arbitrary code via the Customer Name Field.
network
bdtask CWE-79
3.5
2020-06-22 CVE-2020-13426 Cross-Site Request Forgery (CSRF) vulnerability in Bdtask Multi-Scheduler 1.0.0
The Multi-Scheduler plugin 1.0.0 for WordPress has a Cross-Site Request Forgery (CSRF) vulnerability in the forms it presents, allowing the possibility of deleting records (users) when an ID is known.
network
bdtask CWE-352
4.3